aboutsummaryrefslogtreecommitdiff
AgeCommit message (Collapse)Author
2014-01-12examples: Updated SMTP MAIL example to use a read function for dataSteve Holme
Updated to read data from a callback rather than from stdio as this is more realistic to most use cases.
2014-01-12OpenSSL: deselect weak ciphers by defaultDaniel Stenberg
By default even recent versions of OpenSSL support and accept both "export strength" ciphers, small-bitsize ciphers as well as downright deprecated ones. This change sets a default cipher set that avoids the worst ciphers, and subsequently makes https://www.howsmyssl.com/a/check no longer grade curl/OpenSSL connects as 'Bad'. Bug: http://curl.haxx.se/bug/view.cgi?id=1323 Reported-by: Jeff Hodges
2014-01-12multi: remove MULTI_TIMEOUT_INACCURACYDaniel Stenberg
With the recently added timeout "reminder" functionality, there's no reason left for us to execute timeout code before the time is ripe. Simplifies the handling too. This will make the *TIMEOUT and *CONNECTTIMEOUT options more accurate again, which probably is most important when the *_MS versions are used. In multi_socket, make sure to update 'now' after having handled activity on a socket.
2014-01-11Makefile.dist: Added support for VC7Steve Holme
Currently VC7 and VC7.1 builds have to be ran with the VC variable set to vc6 which is not only inconsistent with the nmake winbuild system but also with newer versions of Visual Studio supported by this file. Note: This doesn't break the build for anyone still running with the VC variable set to vc6 or not set (which defaults to vc6).
2014-01-10RELEASE-NOTES: Synced with 980659a2caa285Steve Holme
2014-01-10multi_socket: remind app if timeout didn't runDaniel Stenberg
BACKGROUND: We have learned that on some systems timeout timers are inaccurate and might occasionally fire off too early. To make the multi_socket API work with this, we made libcurl execute timeout actions a bit early too if they are within our MULTI_TIMEOUT_INACCURACY. (added in commit 2c72732ebf, present since 7.21.0) Switching everything to the multi API made this inaccuracy problem slightly more notable as now everyone can be affected. Recently (commit 21091549c02) we tweaked that inaccuracy value to make timeouts more accurate and made it platform specific. We also figured out that we have code at places that check for fixed timeout values so they MUST NOT run too early as then they will not trigger at all (see commit be28223f35 and a691e044705) - so there are definitately problems with running timeouts before they're supposed to run. (We've handled that so far by adding the inaccuracy margin to those specific timeouts.) The libcurl multi_socket API tells the application with a callback that a timeout expires in N milliseconds (and it explicitly will not tell it again for the same timeout), and the application is then supposed to call libcurl when that timeout expires. When libcurl subsequently gets called with curl_multi_socket_action(...CURL_SOCKET_TIMEOUT...), it knows that the application thinks the timeout expired - and alas, if it is within the inaccuracy level libcurl will run code handling that handle. If the application says CURL_SOCKET_TIMEOUT to libcurl and _isn't_ within the inaccuracy level, libcurl will not consider the timeout expired and it will not tell the application again since the timeout value is still the same. NOW: This change introduces a modified behavior here. If the application says CURL_SOCKET_TIMEOUT and libcurl finds no timeout code to run, it will inform the application about the timeout value - *again* even if it is the same timeout that it already told about before (although libcurl will of course tell it the updated time so that it'll still get the correct remaining time). This way, we will not risk that the application believes it has done its job and libcurl thinks the time hasn't come yet to run any code and both just sit waiting. This also allows us to decrease the MULTI_TIMEOUT_INACCURACY margin, but that will be handled in a separate commit. A repeated timeout update to the application risk that the timeout will then fire again immediately and we have what basically is a busy-loop until the time is fine even for libcurl. If that becomes a problem, we need to address it.
2014-01-10threaded-resolver: never use NULL hints with getaddrinfoDaniel Stenberg
The net effect of this bug as it appeared to users, would be that libcurl would timeout in the connect phase. When disabling IPv6 use but still using getaddrinfo, libcurl would wrongly not init the "hints" struct field in init_thread_sync() which would subsequently lead to a getaddrinfo() invoke with a zeroed hints with ai_socktype set to 0 instead of SOCK_STREAM. This would lead to different behaviors on different platforms but basically incorrect output. This code was introduced in 483ff1ca75cbea, released in curl 7.20.0. This bug became a problem now due to the happy eyeballs code and how libcurl now traverses the getaddrinfo() results differently. Bug: http://curl.haxx.se/mail/lib-2014-01/0061.html Reported-by: Fabian Frank Debugged-by: Fabian Frank
2014-01-09darwinssl: un-break Leopard build after PKCS#12 changeNick Zitzmann
It turns out errSecDecode wasn't defined in Leopard's headers. So we use the enum's value instead. Bug: http://curl.haxx.se/mail/lib-2013-12/0150.html Reported by: Abram Pousada
2014-01-08Curl_updateconninfo: don't do anything for UDP "connections"Daniel Stenberg
getpeername() doesn't work for UDP sockets since they're not connected Reported-by: Priyanka Shah Bug: http://curl.haxx.se/mail/archive-2014-01/0016.html
2014-01-08info: remove debug outputDaniel Stenberg
Removed some of the infof() calls that were added with the recent pipeline improvements but they're not useful to the vast majority of readers and the pipelining seems to fundamentaly work - the debugging outputs can easily be added there if debugging these functions is needed again.
2014-01-08runtests: disable memory tracking with threaded resolverDaniel Stenberg
The built-in memory debug system doesn't work with multi-threaded use so instead of causing annoying false positives, disable the memory tracking if the threaded resolver is used.
2014-01-08trynextip: fix build for non-IPV6 capable systemsDaniel Stenberg
AF_INET6 may not exist then Patched-by: Iida Yosiaki Bug: http://curl.haxx.se/bug/view.cgi?id=1322
2014-01-08makefile: Added support for VC12Steve Holme
2014-01-08makefile: Added support for VC11Steve Holme
2014-01-08winbuild: Follow up fix for a47c142a88c0, 11e8066ef956 and 92b9ae5c5d59Steve Holme
2014-01-07mk-ca-bundle.1: document -dDaniel Stenberg
2014-01-07RELEASE-NOTES: Synced with 8ae35102c43d8dSteve Holme
2014-01-07ConnectionExists: fix NTLM check for new connectionDaniel Stenberg
When the requested authentication bitmask includes NTLM, we cannot re-use a connection for another username/password as we then risk re-using NTLM (connection-based auth). This has the unfortunate downside that if you include NTLM as a possible auth, you cannot re-use connections for other usernames/passwords even if NTLM doesn't end up the auth type used. Reported-by: Paras S Patched-by: Paras S Bug: http://curl.haxx.se/mail/lib-2014-01/0046.html
2014-01-05examples: Added required libcurl version information to SMTP examplesSteve Holme
2014-01-05mk-ca-bundle.pl: avoid warnings with -d without parameterDaniel Stenberg
2014-01-05mk-ca-bundle: introduces -d and warns about using this scriptLeif W
2014-01-05Makefile: Added missing WinSSL and x64 configurationsSteve Holme
2014-01-05docs/INTERNALS: follow up fix for 11e8066 and 92b9ae5Marc Hoersken
2014-01-05packages: follow up fix for a47c142, 11e8066 and 92b9ae5Marc Hoersken
2014-01-05multi.c: fix possible dereference of null pointerMarc Hoersken
2014-01-05Examples: Renamed SMTP MAIL example to match other email examplesSteve Holme
2014-01-05examples: Added POP3 TLS exampleSteve Holme
2014-01-05examples: Added IMAP NOOP exampleSteve Holme
2014-01-05examples: Added POP3 NOOP exampleSteve Holme
2014-01-05pop3-stat.c: Corrected small typo from commit 91d62e9abd761cSteve Holme
2014-01-05examples: Added POP3 STAT exampleSteve Holme
2014-01-05examples: Added POP3 TOP exampleSteve Holme
2014-01-05examples: Added POP3 DELE exampleSteve Holme
2014-01-05examples: Added POP3 UIDL exampleSteve Holme
2014-01-05examples: Added POP3 RETR exampleSteve Holme
2014-01-05examples: Added return of error code in POP3 examplesSteve Holme
2014-01-05runtests.pl: Updated copyright year after edit from d718abd968aeb4Steve Holme
2014-01-05examples: Reworked POP3 examples for additional upcoming POP3 examplesSteve Holme
2014-01-05examples: Added SMTP SSL exampleSteve Holme
2014-01-05examples: Added IMAP SSL and TLS examplesSteve Holme
2014-01-05runtests.pl: check for tstunnel command on WindowsMarc Hoersken
The Windows console version of stunnel is called "tstunnel", while running "stunnel" on Windows spawns a new console window which cannot be handled by the testsuite.
2014-01-05testcurl.pl: always show the last 5 commits even with --nogitpullMarc Hoersken
2014-01-04ftp tests: provide LIST responses in the test file itselfDaniel Stenberg
Previously LIST always returned a fixed hardcoded list that the ftp server code knew about, mostly since the server didn't get any test case number in the LIST scenario. Starting now, doing a CWD to a directory named test-[number] will make the test server remember that number and consider it a test case so that a subsequent LIST command will send the <data> section of that test case back. It allows LIST tests to be made more similar to how all other tests work. Test 100 was updated to provide its own directory listing.
2014-01-04examples: Standardised username and password settings for all email examplesSteve Holme
Replaced the use of CURLOPT_USERPWD for the preferred CURLOPT_USERNAME and CURLOPT_PASSWORD options and used the same username and password for all email examples which is the same as that used in the test suite.
2014-01-04Updated copyright year for recent changesSteve Holme
2014-01-04secureserver.pl: support for stunnel-path with nun-alphanum charsMarc Hoersken
This is desired to support stunnel installations on Windows.
2014-01-04conncache.c: fix possible dereference of null pointerMarc Hoersken
2014-01-04docs: primarily refer to schannel as WinSSLMarc Hoersken
2014-01-04examples: Added IMAP COPY exampleSteve Holme
2014-01-04examples: Added IMAP DELETE exampleSteve Holme